7 Points Checklist for Moving a Site from HTTP to HTTPS

Thursday, 18 May 2017

A decade ago, using unencrypted HTTP was sufficient for blogs and sites that didn’t ask for any personal information. If you needed to work with financial transactions, using encrypted HTTPS on pages that asked for private data was sufficient. Now, however, most of your customers and readers expect HTTPS on every page.

The main benefit of HTTPS over HTTP is an increase in security. HTTPS requires what’s known as a SSL certificate to encrypt the transmitted data over the web. The secure data could be identity and/or financial information.Google takes security very seriously and has shown this by giving a small boost to ranking positions to sites that have made the switch to HTTPS.

Browsers now display a secure padlock notification when fully protected with HTTPS. A visitor can be confident when they see this and trust that the site is fully secure.If you’ve decided to move from HTTP to HTTPS, here is a checklist to ensure the move runs smoothly.

1. Set Up 301 Redirects

A 301 redirect sends users from the HTTP version to the HTTPS version. It also works for search engines to avoid duplicate content. Google has announced that it will use the HTTPS version if you had both available, but this doesn’t help your users who open your HTTP version from an external link. A 301 redirect will make the transition smooth for your users if they have any of your old pages bookmarked.

2. Change Your Internal Links from HTTP to HTTPS

If you use absolute links on your pages, you specify a protocol when linking to pages within your site. If you have 301 redirects in place, your server will send readers to the right version. However, it’s best to update your links to reflect the new protocol should you break the 301 redirects.

3. Check the robots.txt File

The robots.txt file controls the way search engines crawl your content. If you move servers due to the protocol change, it’s always best to ensure that this file does not block any important files. If you have no URL structural changes, the file is probably fine without any changes. It’s still a good idea to review it before going live.

4. Update Links on Your Social Media Accounts

You don’t have much control of external links unless your affiliates and partners update backlinks for you. You do have control of social media accounts, so you should go through them and update links. You don’t need to update all links, but you should at least update the ones that send considerable traffic to your site.

5. Update Contact References

If you have any social media accounts for work-related contact, you need to update those links. For instance, you might have your site referenced on your LinkedIn page. Make sure to update any email addresses or contact information including business cards, personal blogs, and email signatures.

6. Do a Search for HTTP in Your Code

You might need a programmer for this step. For some redirects, the code specifies HTTP or HTTPS. For instance, if you’re using PayPal as a payment processor, the system redirects users to a specified page after they’ve made a payment. You need to update this page to point to the right HTTPS page. You probably already point to HTTPS, but it’s best to review the code and ensure that it points to the new protocol.

7. Test Your Site

Never promote new infrastructure without thoroughly testing it first. You can set up a test environment in the cloud and emulate your servers. You won’t be able to use the SSL/TLS certificate on the test server, but you can use a self-signed certificate for testing HTTPS. Testing ensures that no server errors occur when you transfer to the new protocol.

Moving to HTTPS isn’t a complicated process, but updating links and code are needed for the process to run smoothly. Make sure you test the site before promoting your code to production and make a list of links to update before you move.